Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Thirty percent of all cyber incidents in 2023 involved abuse of valid credentials, according to IBM X-Force’s latest Threat Intelligence Index. This represents a seventy-one percent increase compared to 2022. “One of the top initial access vectors in 2023—jumping from third to first place— was the abuse of valid accounts identified in 30% of the observed incidents X-Force responded to,” the researchers write.

Venturebeat had the scoop on a fresh Group-IB report. They discovered the first banking trojan that steals people’s faces. Unsuspecting users are tricked into giving up personal IDs and phone numbers and are prompted to perform face scans. These images are then swapped out with AI-generated deepfakes that can easily bypass security checkpoints.

ConnectWise urges organizations using an on-premises installation of the ScreenConnect remote monitoring and management software (formerly known as ConnectWise Control) to update servers to version 23.9.8 immediately due to a critical remote code execution vulnerability. The ScreenConnect remote desktop product is at risk due to a pair of vulnerabilities: CVE-2024-1709 and CVE-2024-1708.

10 minutes to pain. When it comes to cloud security, 10 minutes or less is what bad actors need to execute an attack. Does it mean your business could be at risk if you fail to detect and respond to an attack in less than 10 minutes? Absolutely yes. With more and more sophisticated security attacks actively occurring nowadays, security teams need to hold themselves to a modernized benchmark.

Password rotation has become less necessary for personal accounts if they are protected with strong and unique passwords and MFA. Organizations do need to implement password rotation to protect privileged accounts; however, manually rotating passwords can lead to security risks such as compromised passwords. Organizations need automated password rotation to protect privileged accounts from becoming compromised by weak or compromised passwords.

Imagine accessing a giant repository of knowledge, extracting the most relevant information in response to your specific needs, and then using that information to generate intelligent, factual responses - that's the power of Retrieval-Augmented Generation (RAG). This innovative technology is taking the world of Artificial Intelligence (AI) by storm, and for good reason. Let's delve into what RAG is, why it counts, and how it can transform your organization.

India established a framework for protecting and processing personal data called the Digital Personal Data Protection Bill. After passing both houses of Parliament, this bill evolved into the Digital Personal Data Protection Act (DPDP) in 2023. This act creates a robust and comprehensive framework to protect sensitive information while supporting India's economic growth and digital transformation.

Cipher suites are a set of cryptographic algorithms utilized by the schannel SSP implementation of TLS/SSL protocols. These algorithms are employed to generate keys and encrypt data. Each cipher suite designates specific algorithms for the following functions: In TLS 1.2 and TLS 1.3, the NSA suggests using cryptographic settings that meet the standards in CNSSP 15, known as Commercial National Security Algorithms.

Hyper-V has powerful networking capabilities, allowing virtual machines to communicate with virtual and physical networks. While Hyper-V networking is reliable and contains many features, admins may encounter issues with virtual machines, such as a missing IP address. Let’s look at Hyper-V VM with no IP address for beginners and see how we can troubleshoot it.

Azure Storage Actions is a serverless framework that you can use to perform common data operations on millions of objects across multiple storage accounts. Currently, Azure Storage Action service is available in the preview stage in Azure portal. The preview release of Azure Storage Actions represents a significant advancement in cloud storage management and automation within Microsoft’s Azure platform.